Java Reference
In-Depth Information
<security-domain name="jboss-web-policy"
cache-type="default">
<authorization>
<policy-module code="Delegating"
flag="required"/>
</authorization>
</security-domain>
<security-domain name="jboss-ejb-policy"
cache-type="default">
<authorization>
<policy-module code="Delegating"
flag="required"/>
</authorization>
</security-domain>
</security-domains>
</subsystem>
Configuration files are defined in the security realm using the following code:
<security-realm name="ApplicationRealm">
<authentication>
<local default-user="$local" allowed-users="*"/>
<properties path="application-users.properties"
relative-to="jboss.server.config.dir"/>
</authentication>
<authorization>
<properties path="application-roles.properties"
relative-to="jboss.server.config.dir"/>
</authorization>
</security-realm>
As you can see, the configuration is pretty short as it relies largely on default values, espe-
cially for high-level structures such as the security management area. By defining your
own security management options, you could, for example, override the default authentic-
ation/authorization managers with your implementations. Since it is likely that you will
not need to override these interfaces, we will rather concentrate on the
security-do-
main
element, which is the core aspect of WildFly security.
